11 matches found
CVE-2022-36900
Jenkins Compuware zAdviser API Plugin 1.0.3 and earlier does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system properties...
GHSA-5XP2-7QFC-FWGC Jenkins Compuware zAdviser API Plugin vulnerable to protection mechanism failure
Jenkins Compuware zAdviser API Plugin defines a controller/agent message that retrieves Java system properties. Compuware zAdviser API Plugin 1.0.3 and earlier does not restrict execution of the controller/agent message to agents. This allows attackers able to control agent processes to retrieve...
Jenkins Compuware zAdviser API Plugin vulnerable to protection mechanism failure
Jenkins Compuware zAdviser API Plugin defines a controller/agent message that retrieves Java system properties. Compuware zAdviser API Plugin 1.0.3 and earlier does not restrict execution of the controller/agent message to agents. This allows attackers able to control agent processes to retrieve...
CVE-2022-36900
Jenkins Compuware zAdviser API Plugin 1.0.3 and earlier does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system properties...
CVE-2022-36900
Jenkins Compuware zAdviser API Plugin 1.0.3 and earlier does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system properties...
CVE-2022-36900
Jenkins Compuware zAdviser API Plugin 1.0.3 and earlier does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system properties...
Code injection
Jenkins Compuware zAdviser API Plugin 1.0.3 and earlier does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system properties...
CVE-2022-36900
CVE-2022-36900 affects Jenkins Compuware zAdviser API Plugin versions 1.0.3 and earlier. The root cause is that the plugin’s controller/agent message is not restricted to agents, enabling an attacker who can control agent processes to retrieve Java system properties. This has been described in mu...
CVE-2022-36900
Jenkins Compuware zAdviser API Plugin 1.0.3 and earlier does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system properties...
Jenkins Compuware zAdviser API Plugin 安全漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
PT-2022-4028 · Compuware +1 · Jenkins Compuware Zadviser Api Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Compuware zAdviser API Plugin versions 1.0.3 and earlier Description: The issue is related to a flaw in the data protection mechanism of the Jenkins Compuware zAdviser API Plugin. This flaw can be exploited by a remote attacker to gai...